Posted by: David Harley | August 11, 2017

SMS touch – plain(text)ly an issue

David Bisson for Graham Cluley’s blog: SMS touch a security and privacy nightmare for iOS users – “Plaintext data transmissions make $1.99 app a spoofer’s delight…”

David Harley



Posted by: David Harley | August 11, 2017

Mughthesec Mac adware

Zeljka Zorz for Help Net Security: Stealthy Mughthesec Mac adware exposed: What it does, how to protect yourself.

Original analysis by Patrick Wardle: WTF is Mughthesec!? › poking on a piece of undetected adware

I wish people would include file hashes as text as well as screenshots: it’s a little exasperating having to type a hash like 9c4f74feff131fa93dd04175795f334649ee91ad7fce11dc661231254e1ebd84 from a screenshot in order to make use of it for further research. Much less error-prone if you can copy and paste a text string. 😉

Anyway, VirusTotal currently reports that two companies now detect that adware.


David Harley

Posted by: David Harley | August 10, 2017

Android Patches

Or as The Register puts it: It’s August 2017 and your Android gear can be pwned by, oh look, just patch the things – Google addresses dozens of security flaws in mobile platform

Android’s own security bulletin is here.

David Harley

Posted by: David Harley | August 8, 2017

AV-Comparatives Mac Security Review

AV-C’s Mac Security Test and Review report, July 2017:

Mac Reviews / Tests

Includes testing of the following:

Avast Mac Security
AVG AntiVirus for Mac
Avira Antivirus Pro for Mac
Bitdefender Antivirus for Mac
BitMedic AntiVirus
ESET Cyber Security Pro
Intego Mac Premium Bundle X9
Kaspersky Internet Security for Mac
Webroot SecureAnywhere Internet Security Complete

David Harley

Posted by: David Harley | August 1, 2017

Pre-Installed Android Trojan

The Trojan Dr. Web calls Android.Triada.231 comes pre-installed (but not for your convenience) in the firmware of a number of Android mobile devices ‘including Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20.’

For Graham Cluley’s blog, David Bisson points out that ‘The security firm has contacted the manufacturers with the request that they push out updates to the affected devices…But as we all know by now, updates are too few and far between on too many Android devices.’

David Harley

Posted by: David Harley | July 25, 2017

Return of the Fruitfly

Well, personally, I’m more bothered with flying ants right now, but quite a few users of macOS/OS X are unsurprisingly concerned right now about the resurgent Fruitfly backdoor/spyware, the subject of an upcoming Black Hat presentation by Synack researcher Patrick Wardle that has attracted a great deal of attention: Offensive Malware Analysis: Dissecting OSX/Fruitfly via a custom C&C Server. I talked (briefly) about an earlier iteration of the Fruitfly/Quimitchin malware in January.

Further commentary:

Wardle told Mashable that ‘the entire Fruitfly malware net appears to be shut down at this time.’

David Harley

Posted by: David Harley | July 20, 2017

Skycure pessimistic about iOS

John Leyden is slightly sceptical of Skycure’s pessimism as regards iOS breaches and vulnerabilities: Martijn Grooten of Virus Bulletin even more so. “Android malware is still far more common. The whole report looks like the authors are desperate to make iOS security sound as bad as possible.”

The article: No one still thinks iOS is invulnerable to malware, right? Well, knock it off – As platform’s popularity continues to rise, so does its allure to miscreants 

Skycure’s report here.

David Harley

Posted by: David Harley | July 20, 2017

Apple Updates

David Harley

Posted by: David Harley | July 17, 2017

More about OSX/Dok

Further to my earlier post, here’s a link to more information from Check Point: OSX/Dok Refuses to Go Away and It’s After Your Money

See also their earlier post: OSX Malware is Catching Up, and it wants to Read Your HTTPS Traffic (updated) 

Commentary from David Bisson for Graham Cluley’s blog: Malware installs Signal as part of scheme to steal Mac users’ banking credentials – A harbinger of ported threats to come for Mac users?

David Harley


Posted by: David Harley | July 13, 2017

OSX_DOK malware

Trend Micro: OSX Malware Linked to Operation Emmental Hijacks User Network Traffic

“The OSX_DOK malware (Detected by Trend Micro as OSX_DOK.C) showcases sophisticated features such as certificate abuse and security software evasion that affects machines using Apple’s OSX operating system.”

David Harley
